package org.phantom.securityframework.local;

import java.util.ArrayList;
import java.util.List;

import javax.annotation.Resource;

import org.apache.shiro.subject.Subject;
import org.phantom.securityframework.api.Account;
import org.phantom.securityframework.api.Permission;
import org.phantom.securityframework.api.RoleManager;
import org.springframework.stereotype.Service;

import org.phantom.securityframework.api.domain.Group;
import org.phantom.securityframework.api.domain.Role;
import org.phantom.securityframework.auth.realm.SubjectPermissionRealm;

@Service
public class GroupRolePermissionRealm implements SubjectPermissionRealm {

	@Resource
	private RoleManager roleManager= null;
	@Override
	public List<Permission> getSubjectPermission(Subject subject) {
		if(subject==null)return null;

		List<Permission> allPermission = new ArrayList<Permission>();
		Account account = (Account) subject;
		List<Group> groups = account.getGroups();

		for(Group group:groups){
			List<Role> roles = group.getRoles();
			if(roles!=null){
				for (Role role : roles) {
					allPermission.addAll(roleManager.permissions(role));
				}
			}
				
		}
		return allPermission;
	}

}
